© Copyright 2026 Clemens Sauerwein  - Imprint & Privacy Policy

Patch Now or Mitigate? An Architecture-Aware Approach to Explainable Vulnerability Treatment

Master's Thesis

Description:

Security teams face thousands of vulnerabilities, but not every critical CVE creates the same real-world risk. This thesis investigates how system architecture, network exposure, privileges, asset criticality, and existing security controls can support better treatment decisions.

The main outcome will be a working prototype that analyzes vulnerability and architecture information and recommends whether a vulnerability should be patched immediately, temporarily mitigated, monitored, or accepted. The prototype will also explain the reasoning behind each recommendation. It will be evaluated using realistic cloud or container-based scenarios and compared with conventional approaches such as CVSS-based prioritization.

If you want to get more information on other available topics for master's or bachelor's theses, please go back to main page.

Offline Website Software